To make your database more resistant to attack, take a few steps. Some measures are simply part of good server management, such as keeping SQL Server patched to the latest level, while others involve ongoing monitoring by the administrator. Here are five steps:
Find the latest service packs
Make sure you always have the latest service pack. For SQL Server 2000, this is SP3a. Remember that service packs are cumulative: if you apply SP3a, you do not have to apply the service packs that preceded it, such as SP3, SP2 or SP1. SP3 is a special service pack that, once installed, no longer uses any of the previous upgrades, but it requires installation of SP1 or SP2.
Sign up for security alerts
While service packs help protect your SQL Server database from many threats, they cannot keep pace with fast-moving security issues, such as a worm. Sign up for Microsoft's free Security Notification Service, which will email you a description of each security issue and how to fix it.
Run Microsoft Baseline Security Analyzer (MBSA)
This tool works with SQL Server and the MSDE 2000 desktop engine. It can be used both locally and on the Internet. It looks for problems with passwords, access rights, access control lists, and the registry, and it finds missing security patches or service packs. You can find relevant information on TechNet.
Delete SA and old passwords
One common security mistake is not changing the system administrator (SA) password. It is also easy to overlook leftover installation files and configuration information, which can contain poorly protected authentication information and other sensitive data that can be compromised. You must delete the old installation files in the Program Files\Microsoft SQL Server\MSSQL\Install or Program Files\Microsoft SQL Server\MSSQL$<InstanceName>\Install folders. Also, use the KillPwd tool to find old passwords and delete them.
Monitor connections
Connections can tell you who is trying to get into SQL Server, so monitoring connections is a good way to keep your database secure. There may be too much connection data to monitor on a large, busy SQL Server, but monitoring failed connections is necessary because they may represent attempts to get in. You can log failed connections from Enterprise Manager:
1. Right-click the server and select Properties.
2. Click on the Security tab and select Failure under Audit level.
3. Stop and restart the server for auditing to take effect.
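With the audit level set to Failure, failed logins are written to the SQL Server error log, where they can be summarized instead of read by eye. The following Python script is an added example, not part of the original article; the log line layout, the constructed sample lines, and the threshold and window values are assumptions modelled on the SQL Server 2000 error log.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample lines; the layout (timestamp, source, message) is an
# assumption modelled on the SQL Server 2000 error log.
SAMPLE_LOG = """\
2004-03-02 09:00:00.10 spid3     Starting up database 'master'.
2004-03-02 09:15:10.05 logon     Login failed for user 'sa'.
2004-03-02 09:15:11.40 logon     Login failed for user 'sa'.
2004-03-02 09:15:12.87 logon     Login failed for user 'sa'.
2004-03-02 09:15:14.02 logon     Login failed for user 'sa'.
2004-03-02 09:15:15.31 logon     Login failed for user 'sa'.
2004-03-02 11:40:00.00 logon     Login failed for user 'jsmith'.
2004-03-02 16:02:33.10 logon     Login failed for user 'jsmith'.
"""

FAILED = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+\S+\s+"
    r"Login failed for user '([^']*)'")

def failed_logins(text):
    """Yield (timestamp, login) for each failed-login line, in log order."""
    for line in text.splitlines():
        m = FAILED.match(line)
        if m:
            yield datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S"), m.group(2)

def failure_counts(text):
    """Total failed logins per login name."""
    return Counter(login for _, login in failed_logins(text))

def find_bursts(text, threshold=5, window=timedelta(minutes=1)):
    """Map login -> time at which `threshold` failures first fell inside `window`."""
    recent = defaultdict(list)
    bursts = {}
    for ts, login in failed_logins(text):
        times = recent[login]
        times.append(ts)
        while ts - times[0] > window:   # discard failures older than the window
            times.pop(0)
        if len(times) >= threshold and login not in bursts:
            bursts[login] = ts
    return bursts

if __name__ == "__main__":
    print("Failures per login:", dict(failure_counts(SAMPLE_LOG)))
    for login, ts in find_bursts(SAMPLE_LOG).items():
        print(f"Possible password guessing against '{login}' at {ts}")
```

Occasional failures such as the two for 'jsmith' are counted but not flagged; only a rapid run against one login, like the five against 'sa', is reported as a burst.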